Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    Strange firewall behavior

    Firewalling
    2
    3
    1163
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • B
      Brutal last edited by

      Have strange behavior going on.  After playing with this, frankly I'm stumped

      Network setup.  All routers pfsense.  2 sites.  Site A has 1 router/1 wan(Router A).  Site B has 2 routers/2 wan (1 each)(Router B & C)

      Router A 192.168.1.1/24
      Router B 10.0.0.1/24
      Router C 10.0.0.3/24

      Router A  has an IPSEC VPN to  Router B.  Set to pass entire /24 network

      I have one server who's default gateway is Router C.  I have Router C programmed with a gateway to Router B (10.0.0.1).  Also with a route for 192.168.1.0/24 to go to gateway/Router B

      On Router C, I have a standard LAN Firewall rule allow any any.

      The strange part is I have firewall logs showing blocked traffic from 10.0.0.101 to 192.168.1.200.

      Shouldn't the standard lan rule allow the traffic, and shouldn't the route send that traffic over to Router B?  Why the log entry?

      1 Reply Last reply Reply Quote 0
      • Cry Havok
        Cry Havok last edited by

        Router B and C both have the same LAN subnet - unless you know exactly what you're doing that will cause you problems, and may be the cause of the problems you're seeing.

        1 Reply Last reply Reply Quote 0
        • B
          Brutal last edited by

          I'm sure its something simple i'm missing.

          I even changed the gateway within the firewall rule itself and was still getting deny logs.  Arg!!!!

          1 Reply Last reply Reply Quote 0
          • First post
            Last post